Opinions expressed in this article are those of the sponsor. Search Engine Land neither confirms nor disputes any of the conclusions presented below.

How paid marketers are fighting back against the Fake Web

Bots and fake users steal ad clicks, pollute audience targeting, and skew metrics. Paid marketers are learning to protect themselves.

Chat with SearchBot
Cheq Header

Anyone who manages paid marketing channels knows the importance of being able to accurately report on metrics and KPIs. Typically, marketers are looking to see if their campaigns are driving traffic, conversions, and ultimately pipeline for their go-to-market team. However, today nearly 40% of the internet is made up of fake traffic, which directly impacts marketers’ ability to do their jobs. When bots and fake users interact with paid marketing campaigns, they can decrease the effectiveness of nearly every aspect of advertising. 

First, when bots click on ads, the obvious downside is that they take away that portion of the cost-per-click budget. But the damage does not stop there, as they also consequently divert ad spend away from potential customers. Additionally, if audience segments and smart campaigns become infected with bots, they can inadvertently encourage ads to be remarketed to additional fake users until they are completely unusable. Optimizations also become skewed as pixels fire when fake users interact with campaigns, which ultimately delegitimizes all performance metrics. 

Fortunately, many paid marketers are noticing these issues, staying diligent, and fighting back against the Fake Web. Throughout this article, we describe the ways they are identifying threats and combating them in order to increase the effectiveness of their campaigns and make the most of their ad spend. 

Checking for time zone mismatches 

When it comes to mobile and desktop devices, users are able to select a Declared Time Zone in their settings. Typically, if the user is a legitimate person going about their daily life, they select the time zone that they are most frequently living and working in, so that their Declared Time Zone reflects reality. However, some malicious users may choose to declare a different time zone from the one they are actually in, so that they appear to be in a time zone that a given business typically works within. The reason for this deception is to trick that business into thinking they are a legitimate customer. One way that smart paid marketers are snooping out this type of suspicious activity is by checking the Declared Time Zone of a device against the actual Device Time Zone. If there is a mismatch, the user could be masking their identity for malicious purposes. 

Watching out for repetitive behaviors 

Bots are programmed to perform the same actions over and over. Similarly, malicious human users typically perform hacks and fraudulent activities at a high volume. Furthermore, and perhaps most concerningly, botnets attempt to make a whole network of bots look like a single user. For this reason, to protect their campaigns from planned attacks, paid marketers are looking for repeated behaviors coming from the same IP address or from the same cookied user. Identifying repeated malicious behaviors can help these marketers stop attacks in their tracks. 

Analyzing traffic metric anomalies

Website traffic metrics from paid marketing campaigns can vary based on many naturally occurring factors such as time of day, keyword strength, and current designated campaign budget. For this reason it can be tempting to overlook unusual spikes in traffic from advertising campaigns, and brush them off as a non-issue. But savvy paid marketers know better. Unusual spikes in website traffic on specific days, from areas outside targeted geographies, and atypically high bounce rates, can all be indications of a bot attack. By carefully analyzing all website traffic, these marketers are able to quickly identify malicious activity impacting their campaigns. 

Looking for user agent inconsistencies

User agents are the devices and mechanisms that someone uses to access the internet. For example, someone’s user agent string could identify them as a tablet user who is operating on a Windows operating system, and accessing the internet via Google Chrome. All internet users have a string of information about themselves like this, and most user agents have unalarming qualities. But malicious users may try to manipulate their user agent in order to hide their true characteristics, so that they can more easily commit fraudulent activities while going undetected. However, marketers who pay close attention to user agents in their analytics platforms are looking out for inconsistencies, and identifying potential threats. For example, using an Apple device with Android software is nearly impossible, so if something like that appears in a company’s analytics platform, there is a good chance that the user is manipulating their user agent for malicious purposes. 

Reevaluating traffic sources 

Paid marketers take stock of the sources that are driving the most traffic to their site to see if they align with the channels they are investing in most. However, if one paid channel is driving a lot of traffic, but that traffic is leading to unusually low conversion rates, something could be awry. In order to identify whether affiliate programs, content syndication programs, and other paid platforms are sending bots traffic to their sites, paid marketers are looking closely at this traffic and checking to see if behaviors across different channels are driving the same behaviors throughout the funnel. They are essentially looking for oddities and inconsistencies throughout the buyer journey, and diving in deeper to see if any inconsistencies could be caused by fake traffic.  

Deploying go-to-market security 

As one can imagine, analyzing all of this data on top of running paid marketing campaigns can quickly become overwhelming. Fortunately, there are go-to-market security platforms that can step in and automate many of these processes. GTMSec is one of the fastest-growing categories in cybersecurity, largely because it is designed to address the problems that the Fake Web causes for marketers and analysts specifically. Rather than creating solutions for the IT department to protect against fraud, these GTMSec platforms speak the marketer’s language and can help block fraudulent activity from infecting their campaigns. Since bots and fake users stand in the way of marketing objectives, it makes sense for paid marketers to prioritize cybersecurity in order to meet their goals and KPIs.


About the author

CHEQ
CHEQ is the go-to-market team’s security suite, trusted by over 12,000 customers worldwide to protect their funnels, sites, and analytics from bots and fake users. Powered by award-winning cybersecurity technology, CHEQ offers the broadest suite of solutions for securing the entire funnel, from paid marketing to on-site conversion, data and analytics.

Get the must-read newsletter for search marketers.